Hello, Guest!

Cybersecurity

CISA Nearing Completion of Zero Trust Architecture Guidance

Cybersecurity guidance

CISA Nearing Completion of Zero Trust Architecture Guidance

The Cybersecurity and Infrastructure Security Agency is finishing up several guidance documents that would help organizations transition to a zero trust environment.

John Simms, deputy branch chief of CISA’s Cybersecurity Assurance Branch, said during an ATARC panel event that there is a necessary shift from a network-centric way of approaching cybersecurity and visibility. He shared that the documents and other efforts that the cybersecurity agency is taking up will help agencies adopt a more data-centric way of tackling security matters.

Since the start of September, CISA and the Office of Management and Budget have rolled out the draft zero trust strategy, the draft cloud security technical reference architecture and the draft zero trust maturity model. According to Simms, the guidelines were created after President Joe Biden signed an executive order that focused on cybersecurity. The EO required CISA to change expectations for zero trust architecture and the services the agency provides to emphasize the concepts of zero trust at the application and data layers, Federal News Network reported.

The CISA official shared that the organization focused on how zero trust architecture would work with the National Institute of Standards and Technology‘s Special Publication 800-53, which focuses on security and privacy controls for information systems and organizations. According to Simms, there is a significant difference between CISA’s view of the cybersecurity architecture and how inspectors general would assess agencies about their cybersecurity implementations.

The Department of Homeland Security component is also working with the Federal Chief Information Officer Council, the NIST and the Council of IG on Integrity and Efficiency about the relation of zero trust and SP 800-53. CISA will also use the Continuous Diagnostics and Mitigation Program to help agencies achieve zero trust.

Sign Up Now! Potomac Officers Club provides you with Daily Updates and News Briefings about Cybersecurity

Posted on by Lawrence Carter

Category: Cybersecurity

Tags: cybersecurity Cybersecurity and Infrastructure Security Agency cybersecurity environment Department of Homeland Security Federal News Network John Simms National Institute of Standards and Security zero trust

Related Articles

NSA Releases Guidance on Secure Deployment of External AI Systems

NSA Releases Guidance on Secure Deployment of External AI Systems

April 17, 2024

 Arcfield Secures $93M Air Force Contract to Continue Cross-Domain Cyber Solutions Development

Arcfield Secures $93M Air Force Contract to Continue Cross-Domain Cyber Solutions Development

April 17, 2024

 Microsoft Issues Cloud Services Guide to Support DOD’s Zero Trust Framework

Microsoft Issues Cloud Services Guide to Support DOD’s Zero Trust Framework

April 17, 2024